for it.
--
James Manger
From: Nat Sakimura [mailto:sakim...@gmail.com]
Sent: Sunday, 15 May 2016 1:38 AM
To: Manger, James ; Hannes Tschofenig
; oauth@ietf.org; barr...@ebu.ch
Subject: Re: [OAUTH-WG] Cross Platform Authentication - OAuth 2.0 Device Flow -
WWW-Authenticate to advertise OAuth 2.0
Hi James,
Does not the section 3 of RFC6750 talk about it?
If you are talking about uri parameter that represents the AS, then, yes, I
think it is a good idea to have one, though IMHO it is better to be
returned in a link header.
Best,
Nat
On Fri, May 13, 2016 at 04:04 Manger, James
wrote:
>
Hi Michael & OAuth-ers,
The EBU Cross Platform Auth spec has defined their own "CPA" scheme for the
WWW-Authenticate HTTP response header to advertise OAuth 2.0 capability
[section 7.7.1 "Authentication challenge" in
https://tech.ebu.ch/docs/tech/tech3366.pdf].
WWW-Authenticate: CPA versio